- Published on
The Case of Using Biometric Signatures
- ZorroSign Staff
With the era of “going paperless” well underway, the days of “wet signs” are soon going to be an ancient history. Going paperless, of course has its advantages, ranging from efficiency to environmental benefits, however, it is vital to keep in mind safety and security when it comes to using eSignatures as the replacement of actual wet signatures.
There is a plethora of evidence supporting the tectonic shift of going digital, however, many are concerned about the end-to-end execution of the entire document signing process. The US Federal ESIGN act defines it as, “an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.” This is a broad definition, and there are a plethora of ways documents can be signed electronically and contracts (or transactions) can be executed ranging from entering your initials, checking a box, typing your name, pasting a scanned image of your signature, and using a cryptographic-based digital signature.
Many digital signature solutions have been created with different levels of security measures around each. These include ensuring that they are tamper proof by forming a link between the signatory and his signature with the help of an encryption key that may be in the possession of the signatory. This layered security ensures that the three vital aspects of the digital signature that ensure its legal validity have not been breached. These three aspects are:
Authentication: All the signatories are known to each other and can be authenticated easily.
Integrity: The signatories are the same persons who have signed the contract. I.e., the documents and the digital signatures have not been changed en-route
Non-repudiation: None of the signatories to a contract can deny that they are in fact, the actual signatories of the contract
But, this however, leaves a glaring gap, the susceptibility to hacks, forgery, and fraud.
Enter the world of biometric signatures.
Biometric verification of a signature now adds yet another level of security to the documents that are a part of a digital transaction. The idea is to find a very unique way to authenticate and verify signatory because even the most complex passwords can be cracked. Biometrics is the natural answer because it is unique and, if done right, cannot be stolen or duplicated. A ‘bio’ signature is pretty much amongst the highest levels of security solutions out there. It has the capability of recording individual idiosyncrasies of the person signing the digital document. Traditionally biometrics means signing and verifying signatures and documents with retina scan, iris scan, and recently popularized by mobile devices, fingerprints and facial recognition technology. Advanced biometric may also use the personal mannerisms of the signatory such as the ‘flourish’ of the pen when he signs, when he slows down and consequently where he accelerates when signing, his overall rhythm and speed; and many other seemingly random variables that taken together, form a highly personalized and forensically identifiable and therefore utterly unique foolproof signature.
And the applications for biometric signatures are endless. They can be as basic as opening a bank account to as complex as closing multi-million dollar deals. Biometrics can also be used in conjunction to a simple 2-form authentication. Biometrics can be used not only to secure the digital transactions but also to restrict access to authorized individuals only. And we are just getting started.